Importing Findings Data

Ticketing Systems

The Veracode Integration for Jira Cloud enables you to do one-time imports, selective imports, and automated imports of security findings from Veracode scans.

The Veracode Integration for Jira Cloud automatically sets the Priority field of an imported flaw if that field is available and has default values. The plugin sets the priority based on the severity of the flaw in the Veracode scan results, using the following formula:
  • If Severity = 5, the bug priority is set to Highest
  • If Severity = 4, the bug priority is set to High
  • If Severity = 3, the bug priority is set to Medium
  • If Severity <= 2, the bug priority is set to Lowest

After importing flaws, you can see them in Jira, assigned to the user.

The title and description of all imported sandbox flaws are prefixed by the word Sandbox to differentiate them from regular policy scan flaws.



When the plugin creates a Jira issue for each flaw, it also adds a comment to the flaw in the Veracode Platform.